Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/08/07 12:31 a.m.7 views

CVE-2025-54795

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7CVSS6.4AI score0.0097EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2025/08/05 1:42 a.m.6 views

1shot (>=0.0.3 <=0.0.9), @4xian/ccapi (=1.0.6) +210 more potentially affected by CVE-2025-54795 +1 more via @anthropic-ai/claude-code (>=1.0.108 <=1.0.128)

@anthropic-ai/claude-code NPM version =1.0.108, =0.0.3, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.6.0-rc34, =1.0.0, =1.3.2-canary.5af7e49 - @chittycorp/chittychat =3.0.0 and more Source cves: CVE-2025-54795, CVE-2025-547954 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-11502065...

9.8CVSS7.2AI score0.0097EPSS
Exploits0
vulnrichment
vulnrichment
added 2025/08/05 12:7 a.m.3 views

CVE-2025-54795 Claude Code echo command allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code...

8.7CVSS6.5AI score0.0097EPSS
Exploits0References1
cve
cve
added 2025/08/05 12:7 a.m.52 views

CVE-2025-54795

CVE-2025-54795 affects Claude Code. Multiple connected sources confirm a command parsing error in versions below 1.0.20 that can bypass the in-application confirmation prompt and trigger execution of untrusted commands when attack content is fed into the Claude Code context window. Impacted data/...

9.8CVSS6.7AI score0.0097EPSS
Exploits0References1Affected Software1
vulnersosv
vulnersosv
added 2025/08/04 3:18 p.m.6 views

1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +222 more potentially affected by CVE-2025-54795 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.128)

@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2025-54795 Source advisory: OSV:GHSA-X56V-X2H6-7J34...

9.8CVSS7.2AI score0.0097EPSS
Exploits0
Rows per page
Query Builder